Amendments to the Claims 

1. (Currently Amended) A method for preventing buffer overrun security 
vulnerabilities comprising: 

placing a return address on a stack; 

calculating a random number; 

saving the random number in a secure location; 

adding placing a plurality of empty spaces equal to the random number in t e-a 

known place on the stack; 
executing a called function; 

removing one or more of the plurality of empty spaces from the known place on 

the stack where they were previously placed to find the return address; and 
setting an end of stack pointer to an end of stack frame. 

2. (Currently Amended) The method of claim 1, further comprising: 
calculating a random numb e r; 

saving the random number in a secure location; 

placing a plurality of blank bytes equal to the random number to th e stack ; 
building a stack frame by placing values from the called function to the stack; and 
setting an end of stack pointer to an end of the stack frame. 

3. (Previously Presented) The method of claim 2, wherein the location comprises a 
processor register that is not generally accessible. 
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4. (Previously Presented) The method of claim 1, further comprising: 
recalling the random number saved; 

removing a number of bytes equal to the random number from the stack; 
retrieving the return address for the called function from the stack; and 
setting an end of stack pointer to an end of a previous stack frame. 

5. (Previously Presented) The method of claim 1, further comprising: 
calculating a hash value of stack invariants; 

saving the hash value in a secure location; and 

building a stack frame by placing values from the called function onto the stack. 
Claims 6-11 (Canceled) 

12. (Currently Amended) An apparatus, comprising: 

a storage device having stored therein one or more routines for preventing buffer 

overrun security vulnerabilities; and 
a processor coupled to the storage device for executing the one or more routines 

to prevent buffer overrun errors by: 

placing a return address on a stack, 

calculating a random number: 

saving the random number in a secure location; 

adding placing a plurality of empty spaces equal to the random number in 
te-a known place on the stack; 
executing a called function, 
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removing one or more of the plurality of empty spaces from the known 
place on the stack where they were previously placed to find the 
return address, and 

setting an end of stack pointer to an end of stack frame. 

13. (Currently Amended) The apparatus of claim 12, wherein the processor to prevent 
buffer overrun errors by: 

calculate a random number; 

save the random number in a s ecure location; 

place a plurality of blank bytes equal to the random number to th e stack; 

build a stack frame by placing values from the called function onto the stack; and 

set an end of stack pointer to an end of the stack frame. 

14. (Previously Presented) The apparatus of claim 13, wherein the location comprises 
a processor register that is not generally accessible. 



Claims 15-22 (Canceled) 



23. (Currently Amended) A machine-readable medium having stored thereon data 
representing sets of instructions which, when executed by a machine, cause the 
machine to: 

place a return address on a stack; 

calculate a random number; 

save the random number in a secure location: 

add- place a plurality of empty spaces equal to the random number int e a known 
place on a stack; 
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execute a called function; 

remove one or more of the plurality of empty spaces from the known place on the 
stack where they were previously placed to find the return address; and 
set an end of stack pointer to an end of stack frame. 

24. (Currently Amended) The machine-readable medium of claim 23, wherein the 
sets of instructions which, when executed by the machine, further cause the 
machine to: 

calculat e a random number; 

save the random numb e r in a secure location; 

place a plurality of blank byt e s equal to the random numb e r to the stack ; 
build stack frame by placing values from the called function onto the stack; and 
set an end of stack pointer to an end of the stack frame. 

25. (Previously Presented) The machine-readable medium of claim 24, wherein the 
location comprises a processor register that is not generally accessible. 

Claims 26-33 (Canceled) 

34. (Currently Amended) A system, comprising: 
a storage medium; and 

a processor coupled with-to the storage medium, the processor to 
place a return address on a stack, 



Docket No: 42390P10503 
Application No.: 09/823,491 



5 



calculate a random number; 

save the random number in a secure location: 

a4d- place a plurality of empty spaces equal to the random number in te-a 

known place on the stack, 
execute a called function, 

remove one or more of the plurality of empty spaces from the known place 
on the stack where they were previously placed to find the return 
address, and 

set an end of stack pointer to an end of stack frame. 

35. (Currently Amended) The system of claim 34, wherein the processor is further to: 
calculate a random numb e r; 

save the random number in a secure location; 

place a plurality of blank bytes equal to the random number to the stack; 
build stack frame by placing values from the called function onto the stack; and 
set an end of stack pointer to an end of the stack frame. 

36. (Previously Presented) The system of claim 35, wherein the location comprises a 
processor register that is not generally accessible. 
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